Digital signatures have been used to show the authenticity of a digital message transmitted from one computing device to another computing device. For example, digital signatures can be used to detect forgery or tampering in software distribution to ensure that the software is from the true provider of the software and the software has not been modified during the transmission from the software provider to the software user.
In one embodiment, a digital signature is generated based on the content of the communication, such as the software to be distributed, such that if the content of the communication is modified, the digital signature generated from the original content of the communication would not match with the content of the modified communication. The digital signature is also generated based on a secret, without which it is very difficult, or computationally infeasible, to generate a proper digital signature for a given communication. Thus, a properly verified digital signature indicates that the communication has not been modified, and the communication is from the entity that is in possession of the secret.